Skip to content

Commit

Permalink
🩹 backend: when anonymous user deletes file, update creator to parent…
Browse files Browse the repository at this point in the history 
… folder (#433)
  • Loading branch information
@ericlinagora
ericlinagora committed May 24, 2024
1 parent 0d3b600 commit 56bc7b2
Show file tree
Hide file tree
Showing 2 changed files with 90 additions and 16 deletions.
51 changes: 51 additions & 0 deletions tdrive/backend/node/src/services/documents/services/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ import { hasCompanyAdminLevel } from "../../../utils/company";
import gr from "../../global-resolver";
import { DriveFile, TYPE } from "../entities/drive-file";
import { FileVersion, TYPE as FileVersionType } from "../entities/file-version";
import User, { TYPE as UserType } from "../../user/entities/user";

import {
DriveTdriveTab as DriveTdriveTabEntity,
TYPE as DriveTdriveTabRepoType,
Expand Down Expand Up @@ -61,12 +63,14 @@ import {
ResourcePath,
} from "../../../core/platform/services/realtime/types";
import config from "config";

export class DocumentsService {
version: "1";
repository: Repository<DriveFile>;
searchRepository: SearchRepository<DriveFile>;
fileVersionRepository: Repository<FileVersion>;
driveTdriveTabRepository: Repository<DriveTdriveTabEntity>;
userRepository: Repository<User>;
ROOT: RootType = "root";
TRASH: TrashType = "trash";
quotaEnabled: boolean = config.has("drive.featureUserQuota")
Expand All @@ -93,8 +97,10 @@ export class DocumentsService {
DriveTdriveTabRepoType,
DriveTdriveTabEntity,
);
this.userRepository = await globalResolver.database.getRepository<User>(UserType, User);
} catch (error) {
logger.error({ error: `${error}` }, "Error while initializing Documents Service");
throw error;
}

return this;
Expand Down Expand Up @@ -678,6 +684,51 @@ export class DocumentsService {
} else {
//This item is not in trash, we move it to trash
item.is_in_trash = true;
// Check item belongs to someone
if (item.creator !== context?.user?.id) {
const creator = await this.userRepository.findOne({ id: item.creator });
if (creator.type === "anonymous") {
const loadedCreators = new Map<string, User>();
const path = await getPath(
item.id,
this.repository,
true,
context,
async item => {
if (!item.creator) return true;
const user =
loadedCreators.get(item.creator) ??
(await this.userRepository.findOne({ id: item.creator }));
loadedCreators.set(item.creator, user);
return user.type !== "anonymous";
},
true,
);
const [firstOwnedItem] = path;
if (firstOwnedItem) {
const firstKnownCreator = loadedCreators.get(firstOwnedItem.creator);
const accessEntitiesWithoutUser = item.access_info.entities.filter(
({ id, type }) => type != "user" || id != firstKnownCreator.id,
);
item.access_info.entities = [
...accessEntitiesWithoutUser,
{
type: "user",
id: firstKnownCreator.id,
level: "manage",
grantor: context.user.id,
},
];
item.creator = firstKnownCreator.id;
} else {
// Move to company trash
item.parent_id = "trash";
item.scope = "shared";
}
await this.repository.save(item);
}
}

await this.update(item.id, item, context);
}
await updateItemSize(previousParentId, this.repository, context);
Expand Down
55 changes: 39 additions & 16 deletions tdrive/backend/node/src/services/documents/utils.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -256,30 +256,44 @@ export const updateItemSize = async (
};

/**
* gets the path for the driveitem
* Get a list of parents for the provided DriveFile id, in top-down order,
* but internally iterated towards the top.
*
* @param {string} id
* @param {Repository<DriveFile>} repository
* @param {boolean} ignoreAccess
* @param {CompanyExecutionContext} context
* @returns
* @param {boolean} ignoreAccess If user from context doesn't have
* read access to an item, the item is not included and traversing
* towards parents is stopped there.
* @param {(item: DriveFile) => Promise<boolean>} predicate If set,
* returned items in the array include only those for which the
* `predicate`'s result resolved to true.
* @param {boolean?} stopAtFirstMatch If true, the lowest item
* in the hierarchy that matches the `predicate` will be the
* only item in the returned array.
* @returns A promise to an array of DriveFile entries in order
* starting from the root (eg. "My Drive"), and ending in the
* DriveFile matching the provided `id` ; both included.
*
* If `stopAtFirstMatch` is true and `predicate` is provided, the
* result is an array with a single item or an empty array.
*/
export const getPath = async (
id: string,
repository: Repository<DriveFile>,
ignoreAccess?: boolean,
context?: DriveExecutionContext,
predicate?: (item: DriveFile) => Promise<boolean>,
stopAtFirstMatch: boolean = false,
): Promise<DriveFile[]> => {
id = id || "root";
if (isVirtualFolder(id))
return !context?.user?.public_token_document_id || ignoreAccess
? [
{
id,
name: await getVirtualFoldersNames(id, context),
} as DriveFile,
]
if (isVirtualFolder(id)) {
const virtualItem = {
id,
name: await getVirtualFoldersNames(id, context),
} as DriveFile;
return (!context?.user?.public_token_document_id || ignoreAccess) &&
(!predicate || (await predicate(virtualItem)))
? [virtualItem]
: [];
}
const item = await repository.findOne({
id,
company_id: context.company.id,
Expand All @@ -288,8 +302,17 @@ export const getPath = async (
if (!item || (!(await checkAccess(id, item, "read", repository, context)) && !ignoreAccess)) {
return [];
}

return [...(await getPath(item.parent_id, repository, ignoreAccess, context)), item];
const isMatch = !predicate || (await predicate(item));
if (stopAtFirstMatch && isMatch) return [item];
const parents = await getPath(
item.parent_id,
repository,
ignoreAccess,
context,
predicate,
stopAtFirstMatch,
);
return isMatch ? [...parents, item] : parents;
};

/**
Expand Down

0 comments on commit 56bc7b2

Please sign in to comment.